Bug 519184 - nfsnobody == 4294967294 causes idmapd to stop responding
Summary: nfsnobody == 4294967294 causes idmapd to stop responding
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel
Version: 5.4
Hardware: All
OS: Linux
high
high
Target Milestone: rc
: ---
Assignee: Jeff Layton
QA Contact: Red Hat Kernel QE team
URL:
Whiteboard:
: 533835 (view as bug list)
Depends On:
Blocks: 523285 526775 526950 533192
TreeView+ depends on / blocked
 
Reported: 2009-08-25 15:04 UTC by Sachin Prabhu
Modified: 2018-11-27 21:22 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 523285 (view as bug list)
Environment:
Last Closed: 2010-03-30 07:18:19 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2010:0178 0 normal SHIPPED_LIVE Important: Red Hat Enterprise Linux 5.5 kernel security and bug fix update 2010-03-29 12:18:21 UTC

Description Sachin Prabhu 2009-08-25 15:04:29 UTC
This is a RHEL 5 report for bz 225507. The report is based on the upstream thread
http://linux-nfs.org/pipermail/nfsv4/2007-December/007321.html

To recreate:

1) On the server, set anonuid/anongid as 4294967294
# cat /etc/exports 
/export *(rw,insecure,fsid=0) 
/export/data *(rw,anonuid=4294967294,anongid=4294967294)
Restart nfs to export the filesystem
2) On the server create a file with uid set to 4294967294
mkdir /export/data/test
touch /export/data/test/a
chown 4294967294 /export/data/test/a
3) Mount the nfs4 export on a client
mount -r nfs4 server:/data /mnt
4) cd /mnt/test/
5) ls -l 

The system will hang.

The upcall by the nfs module uses a signed number. Thus the uid 4294967294 gets translated to -2 which confuses rpc.idmapd.

Comment 1 Sachin Prabhu 2009-08-25 15:05:50 UTC
Patch available at
http://linux-nfs.org/pipermail/nfsv4/2007-December/007321.html

Comment 3 Sachin Prabhu 2009-08-25 15:09:39 UTC
A test kernel with the patch from c#1 was tested successfully by the user.

Comment 6 Jeff Layton 2009-09-10 17:46:37 UTC
Patch looks straightforward and obviously correct. I've added it to my test kernels here to get some soak time:

http://people.redhat.com/jlayton/

...I'd also think I see the problem with idmapd that causes it to stop responding. For most error conditions, the nfsdcb() function does not requeue the event (i.e. call event_add() again). That means that once we hit an error condition idmapd stops watching that file descriptor.

I've got a patch that should help fix that, but it needs to be tested a little more and I want to get some upstream feedback on it.

Comment 7 Jeff Layton 2009-09-10 19:46:44 UTC
Patch for idmapd sent upstream. If it gets accepted I'll plan to clone this bug and we'll get this patch into RHEL too:

http://marc.info/?l=linux-nfs&m=125261173214324&w=2

Comment 9 RHEL Program Management 2009-09-25 17:40:35 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 10 Don Zickus 2009-10-06 19:39:02 UTC
in kernel-2.6.18-168.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5

Please do NOT transition this bugzilla state to VERIFIED until our QE team
has sent specific instructions indicating when to do so.  However feel free
to provide a comment indicating that this fix has been verified.

Comment 12 Chris Ward 2010-02-11 10:13:48 UTC
~~ Attention Customers and Partners - RHEL 5.5 Beta is now available on RHN ~~

RHEL 5.5 Beta has been released! There should be a fix present in this 
release that addresses your request. Please test and report back results 
here, by March 3rd 2010 (2010-03-03) or sooner.

Upon successful verification of this request, post your results and update 
the Verified field in Bugzilla with the appropriate value.

If you encounter any issues while testing, please describe them and set 
this bug into NEED_INFO. If you encounter new defects or have additional 
patch(es) to request for inclusion, please clone this bug per each request
and escalate through your support representative.

Comment 14 yanfu,wang 2010-02-26 07:39:46 UTC
who is Pierre? seems he isn't in CC list.
if he could provides test result?

Comment 16 yanfu,wang 2010-03-10 10:53:53 UTC
can reproduce on 5.4:
1) On the server, set anonuid/anongid as 4294967294
# cat /etc/exports 
/export *(rw,insecure,fsid=0) 
/export/data *(rw,anonuid=4294967294,anongid=4294967294)
Restart nfs to export the filesystem
2) On the server create a file with uid set to 4294967294
mkdir /export/data/test
touch /export/data/test/a
chown 4294967294 /export/data/test/a
3) Mount the nfs4 export on a client
mount -t nfs4 server:/data /mnt
or:
mount -t nfs4 localhost:/data /mnt
4) cd /mnt/test/
5) ls -l 

check error:
# vim /var/log/messages
Mar  2 02:53:40 amd-chipotle-01 rpc.idmapd[7117]: nfsdcb: id '-2' too big!

verify on 5.5 kernel 2.6.18-190.el5 and no problem.

Comment 18 errata-xmlrpc 2010-03-30 07:18:19 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2010-0178.html

Comment 20 Jeff Layton 2011-05-02 18:45:01 UTC
*** Bug 533835 has been marked as a duplicate of this bug. ***


Note You need to log in before you can comment on or make changes to this bug.